Hackers claim to have obtained no less than 120 million Facebook’s user accounts and are willing to sell them to you for 10 cents per account. In order to prove that they are the real deal, they have published private messages from at least 81,000 Facebook users' accounts.

The perpetrators were contacted by the BBC’s Russian Service and confirmed that they had details from a total of 120 million accounts, which they were attempting to sell.

Facebook claims its security has not been compromised and blames third parties.

IT-experts claim that the data was probably obtained through malicious browser extensions.

<blockquote class="twitter-tweet" data-lang="en"><p lang="en" dir="ltr">This is a browser feature intended for developers. If someone told you to copy-paste something here to enable a Facebook feature or &quot;hack&quot; someone&#39;s account, it is a scam and will give them access to your Facebook account. You got to be kiding me I&#39;m good but not that good… <a href="https://t.co/LalzGSOgFh">pic.twitter.com/LalzGSOgFh</a></p>&mdash; dzurik kalman habsburg josef (@DzurikJosef) <a href="https://twitter.com/DzurikJosef/status/1058268030772408320?ref_src=twsrc%5Etfw">November 2, 2018</a></blockquote>

It would furthermore appear that many of the users whose details are available online are based in Ukraine and Russia. However, some are also from the UK, US, Brazil and elsewhere. The hackers offer to sell access for 10 cents per account and provide it freely with a search engine that lets you seek out the name of whoever you are interested in. Their advert appears randomly on message boards.

Facebook executive Mr. Guy Rosen reacted: "We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores."

"We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts."

The breach first appeared on an English-language internet forum, when a post from a user nicknamed FBSaler stated: "We sell personal information of Facebook users. Our database includes 120 million accounts."

The IP address belonging to the account has been flagged in the past by Cybercrime Tracker service. According to them, the address was previously used to spread the LokiBot Trojan virus (which access to user passwords).